In accordance with embodiments of the present disclosure, a binary translator can perform address shifting on the binary code of an executing application. Address shifting serves to shift the addresses of memory operations that can access locations in the kernel address space into address locations in the user space, thus avoiding speculative access into the kernel address space.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for executing an application by a central processing unit (CPU) in a computer system, the method comprising: accessing, by the computer system, a code page of the application from a physical memory of the computer system, the accessed code page comprising computer executable instructions to be executed by the CPU; rewriting, by the computer system, the accessed code page to produce a rewritten code page, including: copying computer executable instructions in the accessed code page to the rewritten code page; and in response to a computer executable instruction being a memory operation, writing address shifting code associated with the memory operation to the rewritten code page followed by writing the memory operation to the rewritten code page, wherein for each memory operation in the rewritten code page, its associated address shifting code is inserted immediately prior in sequence to that memory operation, wherein the accessed code page is marked for non-execution, wherein the rewritten code page is marked for execution; and executing, by the computer system, computer executable instructions in the rewritten code page instead of executing computer executable instructions in the accessed code page.
2. The method of claim 1, wherein rewriting the accessed code page further includes rewriting a memory operation to produce a replacement memory operation and writing the replacement memory operation to the rewritten code page.
3. The method of claim 1, wherein rewriting the accessed code page to produce a rewritten code page occurs in response to a first occurrence of an access to a computer executable instruction in the accessed code page.
4. The method of claim 1, wherein, for each memory operation, its associated address shifting code masks out a range of addresses that belong to a kernel address space in a virtual address space of the computer executable machine instructions to prevent access to a kernel address space by that memory operation.
5. A non-transitory computer-readable storage medium having stored thereon computer executable instructions, which when executed by a computer device, cause the computer device to: access a code page of the application from a physical memory of the computer system, the accessed code page comprising computer executable instructions to be executed by the CPU; rewrite the accessed code page to produce a rewritten code page, including: copying computer executable instructions in the accessed code page to the rewritten code page; and in response to a computer executable instruction being a memory operation, writing address shifting code associated with the memory operation to the rewritten code page followed by writing the memory operation to the rewritten code page, wherein for each memory operation in the rewritten code page, its associated address shifting code is inserted immediately prior in sequence to that memory operation, wherein the accessed code page is marked for non-execution, wherein the rewritten code page is marked for execution; and execute computer executable instructions in the rewritten code page instead of executing computer executable instructions in the accessed code page.
6. The non-transitory computer-readable storage medium of claim 5, wherein rewriting the accessed code page further includes rewriting a memory operation to produce a replacement memory operation and writing the replacement memory operation to the rewritten code page.
7. The non-transitory computer-readable storage medium of claim 5, wherein rewriting the accessed code page to produce a rewritten code page occurs in response to a first occurrence of an access to a computer executable instruction in the accessed code page.
8. The non-transitory computer-readable storage medium of claim 5, wherein, for each memory operation, its associated address shifting code masks out a range of addresses that belong to a kernel address space in a virtual address space of the computer executable machine instructions to prevent access to a kernel address space by that memory operation.
9. An apparatus comprising: one or more computer processors; and a computer-readable storage medium comprising instructions for controlling the one or more computer processors to be operable to: access a code page of the application from a physical memory of the computer system, the accessed code page comprising computer executable instructions to be executed by the CPU; rewrite the accessed code page to produce a rewritten code page, including: copying computer executable instructions in the accessed code page to the rewritten code page; and in response to a computer executable instruction being a memory operation, writing address shifting code associated with the memory operation to the rewritten code page followed by writing the memory operation to the rewritten code page, wherein for each memory operation in the rewritten code page, its associated address shifting code is inserted immediately prior in sequence to that memory operation, wherein the accessed code page is marked for non-execution, wherein the rewritten code page is marked for execution; and execute computer executable instructions in the rewritten code page instead of executing computer executable instructions in the accessed code page.
10. The apparatus of claim 9, wherein rewriting the accessed code page further includes rewriting a memory operation to produce a replacement memory operation and writing the replacement memory operation to the rewritten code page.
11. The apparatus of claim 9, wherein rewriting the accessed code page to produce a rewritten code page occurs in response to a first occurrence of an access to a computer executable instruction in the accessed code page.
12. The apparatus of claim 9, wherein, for each memory operation, its associated address shifting code masks out a range of addresses that belong to a kernel address space in a virtual address space of the computer executable machine instructions to prevent access to a kernel address space by that memory operation.
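The page rewriting of claim 1 and the kernel-range masking of claim 4, sketched as an added example that is not code from the patent. The toy instruction set, the page structure, and the assumption that kernel space is the upper half of a 64-bit address space (so clearing bit 63 is the shift) are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy ISA constructed for this example; not from the patent. */
enum op { OP_ADD, OP_LOAD, OP_STORE, OP_SHIFT /* address shifting code */ };
struct insn { enum op op; int addr_reg; };
struct page { struct insn code[32]; size_t n; int executable; };

/* Assumption: kernel space is the upper half of a 64-bit address space,
   so clearing bit 63 moves any kernel address into user space. */
#define USER_MASK 0x7fffffffffffffffULL
uint64_t shift_address(uint64_t addr) { return addr & USER_MASK; }
int is_memory_op(enum op op) { return op == OP_LOAD || op == OP_STORE; }

/* Copy src into dst, emitting OP_SHIFT immediately before each memory
   operation. Returns the number of memory ops instrumented, -1 if dst is full. */
int rewrite_page(struct page *src, struct page *dst) {
    int shifted = 0;
    dst->n = 0;
    for (size_t i = 0; i < src->n; i++) {
        size_t need = is_memory_op(src->code[i].op) ? 2 : 1;
        if (dst->n + need > sizeof dst->code / sizeof dst->code[0])
            return -1;
        if (need == 2) {
            dst->code[dst->n++] = (struct insn){ OP_SHIFT, src->code[i].addr_reg };
            shifted++;
        }
        dst->code[dst->n++] = src->code[i];
    }
    src->executable = 0;   /* original page: marked for non-execution */
    dst->executable = 1;   /* rewritten page: marked for execution */
    return shifted;
}

/* Run a page; returns the highest address touched by a memory op,
   or UINT64_MAX if the page is not marked executable. */
uint64_t run_page(const struct page *p, uint64_t regs[4]) {
    uint64_t max_addr = 0;
    if (!p->executable) return UINT64_MAX;
    for (size_t i = 0; i < p->n; i++) {
        uint64_t *r = &regs[p->code[i].addr_reg];
        if (p->code[i].op == OP_SHIFT) *r = shift_address(*r);
        else if (is_memory_op(p->code[i].op) && *r > max_addr) max_addr = *r;
    }
    return max_addr;
}

int main(void) {  /* constructed input: one load through a kernel-range pointer in r1 */
    struct page src = { { { OP_LOAD, 1 } }, 1, 1 }, dst;
    uint64_t regs[4] = { 0, 0xffff800000001000ULL, 0, 0 };
    return rewrite_page(&src, &dst) == 1 && run_page(&dst, regs) <= USER_MASK ? 0 : 1;
}
```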
June 8, 2018
November 3, 2020